My slides of my talk at WordSesh 2014.
A talk about a few projects and the lessons I learned from them.
Checkout wordsesh.org for more information about this event.
The recent launch of Alfresco One 5.0 included many key enhancements to the software. Some are provided to increase ease-of-use to end users while others bring new and improved integrations and capabilities to administrators and developers. In addition to several bug fixes, SharePoint Protocol was replaced by Alfresco Office Services and now supports property mapping and better browser support. HTML5 preview includes full text search and the ability to download or permalink from the preview—all without Flash.
The latest improvements to solr 4 will bring a more responsive and faceted search to the software. This includes inline actions for search results as well as the search criteria defaulting to AND rather than OR. Support for clustering/sharding and term highlighting is expected soon as well.
In addition to these advancements, the following list touches on some enhancements. In depth information can be found at https://www.alfresco.com/5ready
CMIS 1.1 Item Type
Site Manager and Analytics
More Aikau components
Advanced inline HTML editor (TinyMCE4)
Many Explorer-only features added to Share
Content encryption at rest
Improvements to docs.alfresco.com
Whitebase : Assault Carrier for Micro-ServicesJaewoo Ahn
Whitebase is an assault carrier to carry and support Micro-Services.
Features:
- Light-weight API Gateway/Proxy for Micro-Services
- Launcher for Micro-Services
- and more! (TBD)
My slides of my talk at WordSesh 2014.
A talk about a few projects and the lessons I learned from them.
Checkout wordsesh.org for more information about this event.
The recent launch of Alfresco One 5.0 included many key enhancements to the software. Some are provided to increase ease-of-use to end users while others bring new and improved integrations and capabilities to administrators and developers. In addition to several bug fixes, SharePoint Protocol was replaced by Alfresco Office Services and now supports property mapping and better browser support. HTML5 preview includes full text search and the ability to download or permalink from the preview—all without Flash.
The latest improvements to solr 4 will bring a more responsive and faceted search to the software. This includes inline actions for search results as well as the search criteria defaulting to AND rather than OR. Support for clustering/sharding and term highlighting is expected soon as well.
In addition to these advancements, the following list touches on some enhancements. In depth information can be found at https://www.alfresco.com/5ready
CMIS 1.1 Item Type
Site Manager and Analytics
More Aikau components
Advanced inline HTML editor (TinyMCE4)
Many Explorer-only features added to Share
Content encryption at rest
Improvements to docs.alfresco.com
Whitebase : Assault Carrier for Micro-ServicesJaewoo Ahn
Whitebase is an assault carrier to carry and support Micro-Services.
Features:
- Light-weight API Gateway/Proxy for Micro-Services
- Launcher for Micro-Services
- and more! (TBD)
In The Trenches With Tomster, Upgrading Ember.js & Ember DataColdFusionConference
A few months after I started working with Ember.js & Ember Data at my new job we began a project to upgrade both. There were parts that were a breeze and others that were quite tricky. I'll walk you through some of the challenges we faced and how we solved them as well as how we began to prepare for the Ember 2.x architectural shift. Hopefully this talk will help save you some time when you decide to upgrade your Ember web application.
Applications increasingly talk to each other behind the scenes via APIs. Google’s recent acquisition of Apigee, an API management company, is an indicator of the continued importance of APIs. APIs are like building blocks, providing services and data that can be connected with other APIs to build powerful customized apps. However, developing and testing an API can be challenging because there is no built-in interface, breaking changes can cause widespread outages, sensitive data may be exposed or accessed, and accepted agile testing paradigms can be difficult to adapt to APIs. This session is an introduction to restful APIs and how to test them for security, performance, functionality, and backwards-compatibility risks.
Deep Dive: Alfresco Core Repository (... embedded in a micro-services style a...J V
Alfresco Summit 2014 (London)
Though best practice is to leverage Alfresco through the well defined API's, it can be useful to understand the internals of the repository so that your development efforts are the most effective. A deep understanding of the repository will help you to evaluate performance bottlenecks, look for bugs, or make contributions. This session provides an overview of the repository internals, including the major components, the key services, subsystems, and database. We then provide an example where we leverage the repository in a micro-service architecture while building Alfresco's future cloud products and show how the different parts of the repository interact to fulfill requests.
http://summit.alfresco.com/london/sessions/diving-deep-alfresco-repository
https://www.youtube.com/watch?v=TAE9UjC0xxc
Web services tutorial slides from my session at DPC 2012 in Amsterdam. In this 3-hour session we built the simplest possible service, and then extended it, looking at RPC, REST and SOAP along the way.
Being a WordPress developer means that our main programming language is PHP. Which works for building websites but not for running tasks. In this talk I will share my experience using Node.js as a platform to build on. Explaining why I have chosen for Node.js and show you how I used Node.js to build microservices that are supporting my WordPress projects.
A presentation given to the Brisbane Azure User Group. Several slides taken from Stephen Siciliano's Ignite 2015 presentation (http://channel9.msdn.com/Events/Ignite/2015/BRK1450)
DEVNET-1128 Cisco Intercloud Fabric NB Api's for Business & ProvidersCisco DevNet
Get to know the latest Rest API's and their Capabilities for Intercloud Fabric Business & Provider Editions. Understand how these API's can be used to integrate ICF into your Business Applications and provide the advantages of a true Hybrid Cloud to your end-users.
Join us we partner with Liip to bring you our webinar, “Resting with OroCRM”, which will demonstrate how to leverage REST with OroCRM. Liip is one of Switzerland’s leading developers of tailor-made, agile web applications and has a deep understanding of REST API’s. During this webinar, we will introduce viewers to REST and demonstrate how to use and extend OroCRM’s out-of-the-box REST API’s.
The agenda for our webinar will be as follows:
–Introduce viewers to REST theory, explaining the REST maturity model and content type negotiation
–Show how to discover which REST API’s OroCRM has to offer, how to generate API tokens and how to use them to read/write data from and into OroCRM
–Demonstrate how to add a new REST API to OroCRM by adding a new REST API to list shopping cart data imported via our Magento connector
Start future-proofing your business logic by building web APIs. Do you think it’s too hard and time-consuming? Zend has made the process easier by releasing Apigility, a free and open source tool that helps us create Zend Framework 2 back-ends ready to be consumed by desktop, mobile, the internet of things, or anything else that comes along. This session is a step-by-step tutorial. Thus I’ll be using Apigility to create an API that accesses RPG business logic via the PHP Toolkit so you can hit the ground running.
Build Modern Web Apps Using ASP.NET Web API and AngularJSTaiseer Joudeh
Slides shows the latest trends used in building RESTful API using ASP.NET Web API and how to build SPA using AngularJS which talks to those RESTful APIs
How Open Policy Agent (OPA) helps in externalizing authorization from Code in Micro Services world. Before that let's look how Authorization evolved in last decade.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
13. 1. Resource Naming
1. URI Centric
2. Use nouns, avoid verbs (HTTPVerbs)
3. Deeper you go in the resource the more detail
4. URL Params (Options)
5. Headers (Auth+Options)
6. This is where a modeling tool can help
/customers
Get - List customers
Post - Create new customer
/customer/:id
Get - Show customer
Put - Update customer
Delete - Delete customer
/customer/:id/invoices
Get - All invoices
Post - Create invoice
/customer/:id/invoice/:invoiceID
Get - Show invoice
Put - Update invoice
Delete -Delete invoice
14. 2. HTTP Verb Usage
Operation Verb
Create POST
Read GET
Update PUT
Single item update PATCH
Delete DELETE
Info/Metadata HEAD
Resource Doc OPTIONS
15. 3. Meaningful Status Codes
Code Description
200 OK, usually a representation
201 New resource, check headers for URI
202 Accepted (ASYNC), check headers or response for tokens
203 Non-authoritative (Usually a cached response)
204 No Content, but processed
205 Reset Content
206 Partial Results (Usually pagination)
Code Description
400 Bad Request
401 Unauthorized
402 Payment Required
403 Forbidden
404 Not Found
405 Method not allowed
406 Not acceptable (Validation, invalid data)
408 RequestTimeout
410 Resource Gone
429 Too Many Requests
500 Server Error
18. RELAX MODEL
function configure(){
// This is where we define our RESTful service, this is usually
// our first place before even building it, we spec it out.
this.relax = {
// Service Title
title = "ForgeBox IO",
// Service Description
description = "This API powers ForgeBox",
// Service entry point, can be a single string or name value pairs to denote tiers
//entryPoint = "http://www.myapi.com",
entryPoint = {
dev = "http://localhost:9095/api/v1",
stg = "http://forgebox.stg.ortussolutions.com/api/v1",
prd = "http://forgebox.io/api/v1"
},
// Does it have extension detection via ColdBox
extensionDetection = true,
// Valid format extensions
validExtensions = "json",
// Does it throw exceptions when invalid extensions are detected
throwOnInvalidExtension = false
};
// Global API Headers
// globalHeader( name="x-app-token", description="The secret application token", required=true, type="string" );
19. 5.Uniformity
• Common Response object
• Common Controller (MVC)
• HTTPVerb Security
• Access Security
• Error Handling Uniformity
• Response Uniformity
Error!
Security
Where Frameworks Will Help!
21. BASE CONTROLLER/**
* Around handler for all functions
*/
function aroundHandler( event, rc, prc, targetAction, eventArguments ){
try{
var stime = getTickCount();
// prepare our response object
prc.response = getModel( "Response@core" );
// Scope the incoming user request
prc.oCurrentUser = securityService.getUserSession();
// prepare argument execution
var args = { event = arguments.event, rc = arguments.rc, prc = arguments.prc };
structAppend( args, arguments.eventArguments );
// Secure the call
if( isAuthorized( event, rc, prc, targetAction ) ){
// Execute action
var simpleResults = arguments.targetAction( argumentCollection=args );
}
} catch( Any e ){
// Log Locally
log.error( "Error calling #event.getCurrentEvent()#: #e.message# #e.detail#", e );
// Log to BugLogHQ
22. 6. SECURITY
SSL
HTTP Verb Security
Request Throttling
Client API Keys or Tokens (Headers/Params)
API Key + Secret Encryption Keys (Like Amazon)
Basic Authentication (At least its something!)
IP Based Filtering/Tagging (Programmatic/Firewall/Etc)
oAuth
Adobe API Manager
23. • Upgrade/Downgrade Paths
• Scale
• No more monoliths
• Implementations:
• Frameworks
• Adobe API Manager
• Both
7. VERSIONING (MODULARITY)